BT and Cisco are kicking off the new year by highlighting the new managed security services they are cooperating to deliver, based on an integrated approach to network security that Cisco is powering within BT.
On BT Group plc (NYSE: BT; London: BTA)'s part, the carrier reinforces something AT&T Inc. (NYSE: T)'s Chief Security Officer Ed Amoroso said in December -- that the current threat landscape requires a new security architecture. And clearly, the British giant has turned to Cisco Systems Inc. (Nasdaq: CSCO) to provide that architecture.
BT's viewpoint is explained in this video, released yesterday, and Cisco's in this blog, released this morning, and in an interview with Light Reading. Interestingly, BT focuses heavily on the integration angle and the need for a consolidated security architecture, while mentioning the move to virtualization, and Cisco focuses first on the broader security threat landscape posed by programmable network architectures and the rise of new services such as the Internet of Things and the cloud.
But the partners are in clear agreement on the key aspects of their joint strategy: to create a unified and comprehensive approach to addressing the growing and more complex threat landscape, which BT can then use not only to protect its own networks but also as the basis for managed security services it sells to its enterprise customers.
BT is facing a 1,000% increase in cyberattacks in the last 13 months, says Les Anderson, VP of Cyber at BT, in the video. These are more often transport-level attacks that target BT's network and network elements, according to Mark Hughes, CEO of BT Security. The carrier is now using Cisco's ASA FirePOWER firewalls, its Next-Generation IPS (NGIPS) and its Advanced Malware Protection (AMP) capabilities in its integrated approach to building a more secure network.
Cisco calls this a threat-centric security architecture, by which it means that point solutions or security silos are replaced by an integrated multi-layer approach that is context-specific and tries not only to prevent attacks but also to quickly identify and mitigate them when they occur. Every threat has its own lifecycle and must be addressed at every step as part of a broader strategy.
"It provides a much better way to quickly pinpoint problems and provide protection within [a specific carrier's] environment, because every service provider's network is unique," says Sam Rastogi, senior security product marketing manager at Cisco. Using analysis of network traffic and its behavior to identify threats before they compromise a network or enterprise IT operation, NGIPS also tailors protection to the type of asset being protected, focusing the greatest level of protection on the most valuable assets.
This approach targets "day zero" attacks, not just known threats, in recognition of the fact that attacks are always evolving. It is also aimed at identifying threats from within -- i.e., those that have penetrated a network and need to be contained and mitigated. That's important because many of today's attacks are polymorphic -- they evolve over time -- and some of the greatest damage is being done by malware or other threats that live within a network over a long period of time, creating the potential for massive data breaches.
Cisco has built its strategy on its network knowledge but also on key acquisitions including SourceFire, which developed the NGIPS, and also ThreatGrid and, most recently, OpenDNS. (See Cisco Banks on Sourcefire & Snort for Security, Why Cisco Is Acquiring ThreatGrid and Cisco to Buy Security Expert for $635M.)
But it's the integration that holds the greatest appeal for BT, says Hughes. He credits Cisco's "smart" acquisition strategy for giving it a significant differentiator in the marketplace.
Other security vendors are also heeding the carrier's cry for new approaches, and some traditional security vendors are virtualizing their products and looking to be part of this transition as well.
Rastogi says that as Cisco addresses the service provider security need, it will be working with some of these other players and is committed to maintaining an open security architecture. But it's also clear Cisco has put a major notch in its security belt with the BT deal, and that this success is built on being a trusted partner in creating this new kind of response to the growing security threat.
— Carol Wilson, Editor-at-Large, Light Reading